杏吧Pro

The U.S. Securities and Exchange Commission and software company SolarWinds Corp. have reached a settlement, ending a federal lawsuit that alleged investor fraud and known cybersecurity vulnerabilities.

Early this month the SEC and SolarWinds jointly filed to stay the case, a request that was quickly granted by District Court Judge Paul A. Engelmayer in the South District of New York.

That parties said they “have reached a settlement in principle that would completely resolve this litigation” and requested a pause in the case to finalize paperwork and allow SEC commissioners to approve the settlement. According to the court document, settlement details are to be submitted by September 12 or the sides will provide a status update to the court.

“The court congratulates counsel and the parties on this productive development,” Engelmayer wrote in his approval.

The SEC in October 2023 announced the charges against Austin-based SolarWinds and Timothy G. Brown, the company’s chief information security officer. The SEC alleged SolarWinds and Brown violated securities laws by concealing vulnerabilities and cyber events in regulatory filings and other statements from at least its initial public offering in October 2018 to December 2020, when it announced it was the victim if a two-year long cyberattack known as Sunburst.

Related: SEC Sues SolarWinds for Concealing Risks Before Massive Hack

The case was the first in which the SEC sued a company that was the victim of a cyberattack without simultaneously announcing a settlement. However, last year Engelmayer dismissed much of the lawsuit. He said the claims were based on “hindsight and speculation.”

The SolarWinds cyberattack, linked to Russia, was used to access the data of thousands of companies and government offices. At the time, Microsoft called it the “largest and most sophisticated attack the world has ever seen.”

Topics Lawsuits